Enter a description, an IP address, and a subnet mask into the form that appears.

Click Add.

The filter node will use the marker only if its current IP address and the subnet mask match the ones set in the Wallarm interface.

The requests marked with the X-Wallarm-Marker header will be used to update the application profile.

Markers and Fuzzing

Fuzzing is a method of provoking abnormal behavior in a program by inputting atypical data in the program. There is a high probability that fuzzing can cause errors in the program. Wallarm uses fuzzing only for the requests that are marked as safe to be modified.

This method, along with unit tests, provides greater coverage from the information security point of view and covers an application's new components that are being tested, deployed, or are already deployed.

Advanced fuzzing support is in high demand with the companies using Continuous Integration/Continuous Delivery.

Setting a Fuzzer

To set up a fuzzer, do the following:

Add the following header to the request: X-Wallarm-Marker: <marker>

Add the following header to the request: X-Wallarm-Fuzzer: yes

Add advanced settings to the header X-Wallarm-Fuzzer-Policy:

replace-all <N>

add-to-end <N>

add-to-begin <N>

replace-from-end <M><N>

replace-from-begin <M><N>

insert-into-random <N>

Each vulnerability discovered during the checks will appear on the Vulnerabilities tab of the Wallarm interface. For such vulnerability, there will also be a report generated and sent to your email.